Vice President and General Counsel
|Timeline of ICANN and the Agreements
|A. Verio's Process Violates ICANN Policy
|B. Register.com's Whois Restriction
Breaches Section II.F.5
of the Registrar Accreditation Agreement
|C. The Exclusive Remedies
for Register.com's Breach Are Specified
in the Registrar Accreditation Agreement, and Only ICANN Has
Standing to Invoke Them
|Exhibit ALetter to Verisign Global Registry Services
|Walters v. Calderon, 25 Cal. App. 3d 863, 102 Cal. Rptr. 89 (1972)
|Eastern Aviation Group, Inc. v. Airborne Express, Inc., 6 Cal. App. 4th 1448, 1452, 8 Cal. Rptr. 2d 355, 357-58 (1992)
As requested in Jeff Brown's e-mail of September 12, 2000, the Internet Corporation for Assigned Names and Numbers (ICANN) submits this memorandum as amicus curiae to set forth ICANN's position on the interpretation of the Registrar Accreditation Agreement and related agreements.
As explained below, the Registrar Accreditation Agreement is one of several agreements among ICANN and other organizations involved in the Internet domain-name system (DNS). Those agreements are closely interrelated and operate cooperatively to implement those organizations' agreements to adhere to various policies developed through the private-sector, consensus-based process for management of the technical aspects of the Internet that has been established under the auspices of ICANN.
Based on the facts presented in Mr. Brown's e-mail, augmented by review of public versions of the parties' submissions, it is ICANN's position that:
1. The process Verio is employing to enable its telemarketing to recent registrants of domain names is contrary to ICANN policy and appears to violate at least one of the agreements;
2. In prohibiting use, for advertising or solicitations by direct mail and telephone, of Whois information it provides in response to queries made through proper means, Register.com has breached a promise it made in section II.F.5 of its Registrar Accreditation Agreement with ICANN; and
3. The exclusive means of legally enforcing Register.com's promise are through ICANN's invocation of the remedies stated in sections II.N and II.P of the Registrar Accreditation Agreement.
The remainder of this memorandum describes the background and operation of the agreements and the reasons for the above positions.
To best understand the positions stated above, it is helpful briefly to review the history of ICANN's formation and the process by which the various agreements were achieved. The following timeline summarizes those events.
|June 5, 1998
|U.S. Government issues its "White Paper" (Statement of Policy on Management of Internet Names and Addresses, 63 Fed. Reg. 31741 (paper version published June 10, 1998) ) inviting the Internet community to form a not-for-profit, representative, private-sector organization (then called "NewCo") to gradually assume the U.S. Government's responsibilities for technical coordination of the Internet. The White Paper also states the U.S. Government's intention to replace its exclusive arrangement with Network Solutions with a system comprised of competitive registrars.
|November 25, 1998
|U.S. Government enters Memorandum of Understanding with ICANN recognizing it as NewCo. The Memorandum calls for ICANN to perform a variety of tasks over a two-year transition period, including the design, development, and testing of measures to introduce competition in the registration of .com, .net, and .org top-level domains.
|January 22, 1999
|Network Solutions meets with the U.S. Department of Commerce and ICANN concerning the emergence of automated (robot) processes directed against Network Solutions' registration and Whois systems. As a result of this and follow-up discussions, public access to the .com, .net, and .org zone files becomes subject to use restrictions set forth in a "Zone File Access Agreement."
|February 8, 1999
|ICANN's staff publishes proposed guidelines for accreditation of registrars to compete with Network Solutions.
|March 4, 1999
|After discussion of the guidelines within the Internet community, ICANN's Board of Directors adopts Statement of Registrar Accreditation Policy.
|ICANN selects first five (testbed) competitive registrars.
|April 27, 1999
|Register.com signs original Registrar Accreditation Agreement.
|June 2, 1999
|First competitive registrar (Register.com) begins registrations in .com, .net, and .org top-level domains.
|September 28, 1999
|U.S. Department of Commerce, Network Solutions, and ICANN announce tentative agreement on a series of agreements among them concerning the post-testbed operation of the .com, .net, and .org top-level domains in a competitive environment. Among the agreements is a revised Registrar Accreditation Agreement and a revised Zone File Access Agreement.
|November 4, 1999
|ICANN's Board of Directors approves agreements.
|November 10, 1999
|U.S. Department of Commerce, Network Solutions, and ICANN sign the agreements.
|November 30, 1999
|Register.com signs the revised Registrar Accreditation Agreement.
Although Verio has redacted (1) technical details from the background materials it has provided to ICANN, based on the public materials it appears likely to ICANN that Verio's process involves periodically obtaining "zone files" from the .com, .net, and .org registry, comparing sequential versions of those files to determine what names are newly registered, and setting up automated processes for querying Register.com's Whois service. Based on the data Verio obtains in this way, Verio conducts various direct solicitation activities by e-mail and telephone.
Assuming that Verio's activities are as described above, they violate ICANN policies. In particular, use of zone file data to set up automated processes directed at a registrar's systems (including Whois servers) is a practice that came to light as a threat to the stable operation of the registration system at the beginning of 1999, resulting in measures to prohibit the practice. Specifically, on the evening of January 22, 1999, Network Solutions met with officials of the U.S. Department of Commerce and ICANN to describe serious concerns Network Solutions had over recently arisen practices of automated queries to their systems. As described by Network Solutions at that meeting, Network Solutions had become the target of a three-step process that various third parties were directing against it:
1. The third parties were obtaining daily "zone files," which contained a list of all active registered names in the .com, .net, and .org TLDs. Prior to the January 1999 meeting, these zone files were freely available to the public for downloading without conditions. The third parties were electronically comparing consecutive zone files to determine what names had been added and deleted.
2. Based on these differences, the third parties were then setting up automatic processes to query Network Solutions' Whois servers about the names that had changed status.
3. In some cases, the third parties were then applying to register names that had dropped off registration by e-mailing requests (known as "templates") to Network Solutions. At the time, a registration could be obtained in this manner without prepayment, subject to payment of a bill that Network Solutions would later send to the third party.
At the January 1999 meeting, Network Solutions officials stated that the effects of items (2) and (3) above were seriously burdening their computer systems and hampering their ability to provide timely registration services to persons seeking to register names through conventional means. Network Solutions proposed that it be allowed to condition public zone file access on the recipient's agreement to various provisions, including a promise not to use the zone file data to enable high volume, automated, electronic processes directed at Network Solutions' systems.
In the aftermath of these proposals, the U.S. Department of Commerce (which then was responsible for supervising Network Solutions' operation of the registration system) authorized Network Solutions to require all recipients of zone files to enter a "zone file access agreement" under which the recipient of the zone file data agreed not to use it to enable automated processes directed at Network Solutions.
The introduction of competition in registrar services was scheduled to occur in a "testbed" commencing in mid-1999. In the months after the January 1999 meeting, some agreements among the various participants (ICANN, the U.S. Department of Commerce, Network Solutions, and competitive registrars) were developed to allow the testbed to proceed. Those agreements included the original Registrar Accreditation Agreement between ICANN and the competitive registrars under which the registrars agreed with ICANN to provide free public Whois service concerning their customers.(2) Network Solutions refused to become accredited by ICANN on these terms or to recognize ICANN's role as the private-sector coordination body endorsed by the U.S. Government. As a result, Network Solutions, the U.S. Government, and ICANN engaged in discussions throughout the summer of 1999 concerning the establishment of more comprehensive contractual arrangements under which Network Solutions would be willing, after the testbed, to participate directly in the new, competitive environment.
Tentative agreement on these arrangements was announced on September 28, 1999 and, after extensive discussions throughout the Internet community, a set of agreements (with several revisions) was approved at the ICANN meeting on November 4, 1999. Among the approved agreements were (1) a revised Registrar Accreditation Agreement(3) (the one currently being used) to be entered between each accredited registrar and ICANN and (2) a Registry Agreement(4) between Network Solutions' Registry Division and ICANN. The Network Solutions Registry Division operates the central registry database that receives the registrations taken by all registrars and generates zone files from that database.
Section 19 of the Network Solutions-ICANN Registry Agreement requires NSI to provide zone files to the public on the following conditions:
19. Bulk Access to Zone Files. NSI shall provide third parties bulk access to the zone files for .com, .net, and .org TLDs on the terms set forth in the zone file access agreement (attached as Appendix D). Such agreement may be revised by NSI, provided however, that any such changes must be approved in advance by ICANN.
The approved form of the zone file access agreement(5) states in relevant part:
4. GRANT OF ACCESS
Network Solutions grants to you a non-exclusive, non-transferable, limited right to access an Internet host server or servers designated by Network Solutions from time to time, and to transfer a copy of the Data to the Internet host machine identified in Section 2 of this Agreement no more than once per 24 hour period using FTP for the purposes described in the next following sentence. You agree that you will use this Data only for lawful purposes but that, under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of unsolicited, commercial e-mail (spam) to entities other than your own existing customers; or (2) enable high volume, automated, electronic processes that apply to any .com, .net, or .org registrar (or their systems) for large numbers of domain names, except as reasonably necessary to register domain names or modify existing registrations. Network Solutions reserves the right, with the approval of the U.S. Department of Commerce, which shall not unreasonably be withheld, to specify additional specific categories of prohibited uses by giving you reasonable written notice at any time and upon receiving such notice you shall not make such prohibited use of the Data you obtain under this Agreement. You agree that you will only copy the Data you obtain under this Agreement into a machine-readable or printed form as necessary to use it in accordance with this Agreement in support of your use of the Data. You agree that you will comply with all applicable laws and regulations governing the use of the Data. You agree to take all reasonable steps to protect against unauthorized access to, use and disclosure of the Data you obtain under this Agreement. Except as provided in Section 2(j) above, you agree not to distribute the Data you obtained under this Agreement or any copy thereof to any other party without the express prior written consent of Network Solutions.
In this case, Verio's apparent use of the zone file data is of the type that the portions of Section 4 of the zone file access agreement highlighted above were specifically intended to prohibit.(6) To provide an appropriate vehicle for those seeking bulk access to Whois datawithout the harmful effects that zone-file-enabled Whois queries can causethe revised Registrar Accreditation Agreement incorporated another mechanism for bulk access. Section II.F.6 was added to require that registrars to make their Whois data available for weekly bulk downloading(7) under appropriate conditions, including compensation to the registrar and a provision for individuals to opt-out of the bulk distribution. Verio's use of the zone files to enable massive query-based acquisition of Whois information cannot properly be used to avoid the conditions required for bulk access.
Based on the details reflected in the public versions of the papers in this matter, ICANN is concerned that Verio's activities may adversely affect the operation, both at Register.com and at other registrars, of the domain-name registration system and that those activities appear to violate the protective provisions of the zone file access agreement. Accordingly, ICANN has requested Network Solutions' Registry Division (recently renamed as Verisign Global Registry Services) to investigate the circumstances of Verio's access to the zone files and provide the results of that investigation to ICANN for evaluation and appropriate action. See Exhibit A to this memorandum.
Section II.F.5 of the current Registrar Accreditation Agreement limits the registrars' abilities to place conditions on use of the data they provide the public in query-based Whois services:
In providing query-based public access to registration data as required by Sections II.F.1 and II.F.4, Registrar shall not impose terms and conditions on use of the data provided except as permitted by an ICANN-adopted policy. Unless and until ICANN adopts a different policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (b) enable high volume, automated, electronic processes that apply to Registrar (or its systems).
Register.com has stated, in a legend accompanying its Whois data, that use of the data is limited as follows:
By submitting a WHOIS query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone; or (2) enable high volume, automated, electronic processes that apply to Register.com (or its systems).
To the extent that Register.com is using this legend to restrict otherwise lawful(8) use of the data for mass unsolicited, commercial advertising or solicitations by direct mail or telephone (and not just by electronic mail), it is ICANN's position that Registrar.com has failed to comply with the promise it made in Section II.F.5 of the Registrar Accreditation Agreement.(9)
The Registrar Accreditation Agreement is one of several related agreements among the registrars, Network Solutions' Registry Division, and ICANN intended to make possible the privatization of the U.S. Government's former role in the technical coordination of the Internet's domain-name-registration system. By these agreements, the parties agree to engage in a consensus-based, internationally representative process for the formulation of policies under the auspices of ICANN. The parties also promise to abide by the outcome of that process.
One key requirement for the effective operation of this process is that enforcement of the promises should be done within the ICANN process rather than through court proceedings initiated by third parties. This is because proper expression of the letter and spirit of ICANN policies is most appropriately achieved through the ICANN process itself, and not through forums that lack the everyday familiarity with the intricate technical and policy issues that the ICANN process was designed to address.
Here, Register.com asserts that Verio is violating a no-telephone-marketing agreement it made in accessing Register.com's Whois data. One defense Verio asserts is that Register.com's act in imposing that condition violated its promise in Section II.F.5 of the Registrar Accreditation Agreement. Register.com's promise, however, was not made to Verio, but was made in an agreement with ICANN. That agreement says in unmistakable terms that Register.com incurs no obligation to third parties such as Verio:
2. No Third-Party Beneficiaries. This Agreement shall not be construed to create any obligation by either ICANN or Registrar to any non-party to this Agreement, including any SLD holder.
Section II.S.2 of the revised Registrar Accreditation Agreement.
Under California law,(10) third-party beneficiary status arises only where the contracting parties have deliberately conferred that status. "It must appear to have been the intention of the parties to secure to [the third party] personally the benefit of [the contract's] provisions." Walters v. Calderon, 25 Cal. App. 3d 863, 871, 102 Cal. Rptr. 89, 93 (1972). As the court noted in Eastern Aviation Group, Inc. v. Airborne Express, Inc., 6 Cal. App. 4th 1448, 1452, 8 Cal. Rptr. 2d 355, 357-58 (1992):
Whether the third party is an intended beneficiary or merely an incidental beneficiary involves construction of the intention of the parties, gathered from reading the contract as a whole in light of the circumstances under which it was entered.
In this case, the language, structure, and circumstances of the agreement all point to the conclusion that Verio is not an intended third-party beneficiary.
It is difficult to imagine how the contractual language quoted above could more clearly exclude third-party beneficiary status. This language is by no means "boilerplate," as characterized by Verio. Instead, it is language that was specifically drafted for the original Registrar Accreditation Agreement. It is vital to the overall scheme of the various agreements that enforcement of agreements with ICANN be informed by the judgment of the various segments of the Internet community as expressed through ICANN. In the fast-paced environment of the Internet, new issues and situations arise quickly, and sometimes the language of contractual provisions does not perfectly match the underlying policies. For this and other reasons, hard-and-fast enforcement of the letter of every term of every agreement is not always appropriate. An integral part of the agreements that the registrars and other participants entered with ICANN is the understanding that these situations would be handled through consultation and consideration within the ICANN process, including the various reconsideration, independent review, and other mechanisms available in that process. In the event a dispute cannot be resolved by these means, the parties further provided that a carefully calibrated procedure culminating in arbitration must be followed. See Registrar Accreditation Agreement sections II.P and II.N.
Allowing issues under the agreements registrars make with ICANN to be diverted from this carefully crafted remedial scheme to the courts, at the behest of third parties that are not responsible (as ICANN is) to implement the policies developed through community consensus, would seriously threaten the Internet community's ability, under the auspices of ICANN, to achieve a proper balance of the competing policy values that are so frequently involved.
If Verio had concerns regarding Register.com's conditions for access to Whois data, it should have raised them within the ICANN process rather simply taking Register.com's(11) data, violating the conditions, and then seeking to justify its violation in this Court by complaining that Register.com has breached an agreement that is intended to be addressed only within the ICANN process.
ICANN hopes that this memorandum has addressed the Court's questions set forth in the September 12, 2000 e-mail. ICANN urges the Court to promote the integrity of the ICANN process by allowing the contractually specified, exclusive remedies for alleged breaches to operate as they were intended.
Dated: September 22, 2000
Vice President and General Counsel
Internet Corporation for Assigned
Names and Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, California 90292
Telephone: +1 310 823-9358
Fax: +1 310 823-8649
September 21, 2000
Philip L. Sbarbaro, Esq.
Verisign Global Registry Services
(f/k/a NSI Registry)
Network Solutions, Inc.
505 Huntmar Park Drive
Herndon, VA 20170
In reviewing publicly available filings in the Register.com v. Verio litigation, it appears to me that Verio Inc. may be using zone file data to enable high volume, automated, electronic processes directed at the Whois servers of Register.com, and perhaps other registrars. As you may recall, for over a year there have been concerns regarding the negative effects on the operation of the domain-name system of the practice of employing automated processes based on zone-file data. The agreements among accredited registrars, NSI Registry (recently renamed Verisign Global Registry Services), ICANN, and the U.S. Department of Commerce are intended to address this practice and its effects.
On behalf of ICANN, I am requesting that Verisign Global Registry Services investigate, with reference to the various agreements, the circumstances under which Verio is obtaining the zone-file data. Please let me know the results of your investigation as soon as possible so that consideration can be given to steps to resolving these issues.
I appreciate your continued cooperative support of the Internet community's efforts to promote the unimpaired technical operation of the domain-name system.
Vice President and General Counsel
cc: Chuck Gomes, Vice President, Internet
1. Both parties have provided ICANN with background materials consisting of their memoranda and various declarations. In providing its information, Verio advised ICANN that confidential information had been redacted and offered to provide that redacted information upon ICANN's signing a confidentiality agreement. Because it appears likely that ICANN's responsibility for technical coordination of the Internet may require it to investigate, and possibly take action on, the matters subject to redaction, ICANN has determined not to sign a confidentiality agreement.
6. In its papers, Verio suggests that the automated-process prohibition applies only to "applying for registrations." Rony Decl. ¶ 29. Such an interpretation is contrary to both the history and language of the zone file access agreement. The history is set forth above and was directly intended to prohibit use of zone file data to enable automated Whois queries. The language, moreover, states that automated processes applying to a Registrar's systems for large numbers of "names" (not just "registrations") is prohibited. Whois queries are encompassed in this prohibition. Indeed, Verio's assertion that the provision relates only to applying for name registration (rather than name data) would render the rest of the sentence, which specifically allows processes "reasonably necessary to register domain names," nonsensical.
7. No similar option was included in the original Registrar Accreditation Agreement.
8. In view of the discussion in part A above, Verio's access does not appear to be lawful. Register.com's imposition of the conditions, however, is not limited to Verio.
9. Mr. Brown's September 25, 2000 e-mail inquires also about "single targeted e-mails." The allowed restriction relates to "mass unsolicited, commercial advertising or solicitations via e-mail." To the extent that Verio is sending e-mails to a list it generates based on the Whois data, it is ICANN position that Verio violates that restriction.
10. At the beginning of the Registrar Accreditation Agreement, the parties agree that the agreement shall be deemed made at Los Angeles, California.
11. It should be noted that Section II.H of the Registrar Accreditation Agreement specifically allows Register.com to claim ownership of most parts of the Whois data, subject to various specified licenses.